The latest CompTIA Security+ (SY0-601) certification actual real practice exam question and answer (Q&A) dumps are available free, which are helpful for you to pass the CompTIA Security+ (SY0-601) exam and earn CompTIA Security+ (SY0-601) certification.
Table of Contents
- Question 191
- Exam Question
- Correct Answer
- Question 192
- Exam Question
- Correct Answer
- Question 193
- Exam Question
- Correct Answer
- Question 194
- Exam Question
- Correct Answer
- Question 195
- Exam Question
- Correct Answer
- Question 196
- Exam Question
- Correct Answer
- Question 197
- Exam Question
- Correct Answer
- Question 198
- Exam Question
- Correct Answer
- Question 199
- Exam Question
- Correct Answer
- Question 200
- Exam Question
- Correct Answer
Question 191
Exam Question
Group-based access control in MS Windows environments is an example of:
A. RBAC
B. DAC
C. ABAC
D. MAC
Correct Answer
A. RBAC
Question 192
Exam Question
Which access control model defines access control rules with the use of statements that closely resemble natural language?
A. DAC
B. ABAC
C. MAC
D. RBAC
Correct Answer
B. ABAC
Question 193
Exam Question
In the Kerberos-based authentication process, the purpose of the client’s timestamp is to provide countermeasure against:
A. Replay attacks
B. Dictionary attacks
C. Birthday attacks
D. Downgrade attacks
Correct Answer
A. Replay attacks
Question 194
Exam Question
Which of the following authentication protocols can be used to enable SSO in Windows-based network environments?
A. PAP
B. LDAP
C. MS-CHAP
D. Kerberos
Correct Answer
D. Kerberos
Question 195
Exam Question
OpenID Connect is a protocol used for:
A. Authentication
B. Authorization
C. Accounting
Correct Answer
A. Authentication
Question 196
Exam Question
What are the characteristics of TACACS+? (Select 3 answers)
A. Encrypts only the password in the access-request packet
B. Combines authentication and authorization
C. Encrypts the entire payload of the access-request packet
D. Primarily used for device administration
E. Separates authentication and authorization
F. Primarily used for network access
Correct Answer
C. Encrypts the entire payload of the access-request packet
D. Primarily used for device administration
E. Separates authentication and authorization
Question 197
Exam Question
An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login on only one of the components is known as:
A. NAC
B. SSO
C. AAA
D. MFA
Correct Answer
B. SSO
Question 198
Exam Question
802.1X is an IEEE standard for implementing:
A. VLAN tagging
B. Token ring networks
C. Port-based NAC
D. Wireless networks
Correct Answer
C. Port-based NAC
Question 199
Exam Question
Challenge Handshake Authentication Protocol (CHAP) is a remote access authentication protocol that periodically re-authenticates client at random intervals to prevent session hijacking.
A. True
B. False
Correct Answer
A. True
Question 200
Exam Question
During a password reminder procedure the system asks security question that covers personal details that should be known only to the user (e.g. user’s favorite holiday destination). This type of authentication method is an example of:
A. SAE
B. KBA
C. IdP
D. PII
Correct Answer
B. KBA